Change Healthcare (2024)
On February 21, 2024, Change Healthcare — a UnitedHealth subsidiary processing roughly one-third of US healthcare payment claims — was attacked by BlackCat/ALPHV ransomware. The shutdown crippled pharmacy fulfillment, claims processing, and revenue cycle management nationwide for weeks. UnitedHealth disclosed the breach affected approximately 190M Americans, making it the largest US healthcare breach on record. UnitedHealth has reported $2.87B in direct costs as of FY2024 reports; sector-wide downstream costs (pharmacy cash-flow disruption, hospital revenue gaps, delayed care) are not consolidated. The incident demonstrates the systemic-risk profile of healthcare clearinghouses.
Details
February 21, 2024
BlackCat / ALPHV ransomware (with Notchy / RansomHub follow-on extortion)
none documented
Compromised Citrix portal credential without MFA
$22M to BlackCat (early 2024); additional ransom alleged paid to follow-on group
~190 million Americans (largest US healthcare breach on record)
~$2.87B UnitedHealth direct costs; sector-wide cascade much larger (medium confidence)
Related Wiki Pages
Top Related Pages
Catastrophic Cyber Tail Risk
Catalog of systemic single points of failure in cyber infrastructure that could plausibly produce $1T+ damage events. Treats which catastrophic cyb...
WannaCry (2017)
Colonial Pipeline (2021)
Cyberweapons Risk
AI-enabled cyberweapons represent a rapidly escalating threat, with AI-powered attacks surging 72% year-over-year in 2025.
AI Flash Dynamics
AI systems interacting faster than human oversight can operate, creating cascading failures and systemic risks across financial markets, infrastruc...